Description of problem: dovecot-pigeonhole 0.4.10 crashes when sieve matches against some extracted body parts... maillog contains: dovecot: lda(xxx): Panic: file str.c: line 22 (str_new_const): assertion failed: (str[len] == '\0') dovecot: lda(xxx): Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x827c2) [0x7f274a5cd7c2] -> /usr/lib64/dovecot/libdovecot.so.0(+0x8287a) [0x7f274a5cd87a] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f274a574b01] -> /usr/lib64/dovecot/libdovecot.so.0(+0xa9468) [0x7f274a5f4468] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(+0x61ddc) [0x7f2749919ddc] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(sieve_match+0xf1) [0x7f27499002e1] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(+0x62685) [0x7f274991a685] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(sieve_interpreter_continue+0x7c) [0x7f27498f70ec] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(sieve_interpreter_run+0x2b) [0x7f27498f730b] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(+0x52690) [0x7f274990a690] -> /usr/lib64/dovecot/libdovecot-sieve.so.0(sieve_execute+0x47) [0x7f274990b1f7] -> /usr/lib64/dovecot/lib90_sieve_plugin.so(+0x3b90) [0x7f2749b70b90] -> /usr/lib64/dovecot/libdovecot-lda.so.0(mail_deliver+0x49) [0x7f274ab888e9] -> /usr/libexec/dovecot/dovecot-lda(main+0x666) [0x563025824c16] -> /lib64/libc.so.6(__libc_start_main+0xf0) [0x7f274a1aa580] -> /usr/libexec/dovecot/dovecot-lda(_start+0x29) [0x563025825279] Version-Release number of selected component (if applicable): dovecot-pigeonhole-2.2.21-1.fc23.x86_64 How reproducible: Some body parts extraction results in a corrupt part_list structure used in sieve 'body :text :contains "somestring"' matches Full debuginfo trace for reference: #0 0x00007f283bdf4a98 in raise () from /lib64/libc.so.6 #1 0x00007f283bdf669a in abort () from /lib64/libc.so.6 #2 0x00007f283c2037ba in default_fatal_finish (type=LOG_TYPE_PANIC, status=status@entry=0) at failures.c:201 #3 0x00007f283c20387a in i_syslog_fatal_handler (ctx=0x7ffe63694f20, format=<optimized out>, args=<optimized out>) at failures.c:418 #4 0x00007f283c1aab01 in i_panic ( format=format@entry=0x7f283c231d38 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:275 #5 0x00007f283c22a468 in str_new_const (pool=<optimized out>, str=<optimized out>, len=<optimized out>) at str.c:22 #6 0x00007f283b54fddc in ext_body_stringlist_next_item (_strlist=0x5638b7543928, str_r=0x7ffe63695070) at ext-body-common.c:89 #7 0x00007f283b5362e1 in sieve_stringlist_next_item (str_r=0x7ffe63695070, strlist=0x5638b7543928) at sieve-stringlist.h:44 #8 sieve_match (renv=renv@entry=0x5638b7587e98, mcht=mcht@entry=0x7ffe63695120, cmp=cmp@entry=0x7ffe63695100, value_list=0x5638b7543928, key_list=0x5638b75438e0, exec_status=exec_status@entry=0x7ffe636950dc) at sieve-match.c:181 #9 0x00007f283b550685 in ext_body_operation_execute (renv=0x5638b7587e98, address=<optimized out>) at tst-body.c:381 #10 0x00007f283b52d0ec in sieve_interpreter_operation_execute (interp=0x5638b7587e40) at sieve-interpreter.c:870 #11 sieve_interpreter_continue (interp=interp@entry=0x5638b7587e40, interrupted=interrupted@entry=0x0) at sieve-interpreter.c:908 #12 0x00007f283b52d2da in sieve_interpreter_start (interp=interp@entry=0x5638b7587e40, result=<optimized out>, interrupted=interrupted@entry=0x0) at sieve-interpreter.c:939 #13 0x00007f283b52d30b in sieve_interpreter_run (interp=0x5638b7587e40, result=0x5638b7588e50) at sieve-interpreter.c:950 #14 0x00007f283b540690 in sieve_run (sbin=0x5638b7583620, result=result@entry=0x7ffe63695240, msgdata=0x7ffe63695330, senv=0x7ffe63695410, ehandler=ehandler@entry=0x5638b7573c80, flags=<optimized out>) at sieve.c:341 #15 0x00007f283b5411f7 in sieve_execute (sbin=<optimized out>, msgdata=<optimized out>, senv=<optimized out>, exec_ehandler=exec_ehandler@entry=0x5638b7573c80, action_ehandler=0x5638b7587630, flags=flags@entry=SIEVE_RUNTIME_FLAG_NOGLOBAL, keep=0x0) at sieve.c:550 #16 0x00007f283b7a6b90 in lda_sieve_singlescript_execute (srctx=0x7ffe636953a0) at lda-sieve-plugin.c:451 #17 lda_sieve_execute (storage_r=0x7ffe63695580, srctx=0x7ffe636953a0) at lda-sieve-plugin.c:867 #18 lda_sieve_deliver_mail (mdctx=<optimized out>, storage_r=0x7ffe63695580) at lda-sieve-plugin.c:928 #19 0x00007f283c7be8e9 in mail_deliver (ctx=0x7ffe636955c0, storage_r=0x7ffe63695580) at mail-deliver.c:440 #20 0x00005638b62e7c16 in main (argc=1, argv=0x5638b7549390) at main.c:440 Found in "Pigeonhole v0.4.11 for Dovecot v2.2.21" changelog: - Several fixes in message body part handling: - Fixed assert failure occurring when text extraction is attempted on an empty or broken text part. - Fixed assert failure in handling of body parts that are converted to text. I rebuilt dovecot with the upstream pigeonhole 0.4.11, and the bug does not re-occur.
dovecot-2.2.21-2.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-573fde9db4
dovecot-2.2.21-2.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2016-f43b13b3dd
Installed the updated package in place of my build, and generally works and bug is fixed. Thanks.
dovecot-2.2.21-2.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-f43b13b3dd
dovecot-2.2.21-2.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-573fde9db4
dovecot-2.2.21-2.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
dovecot-2.2.21-2.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.